<?php
if(empty($buid)&&empty($_GET['type']))
msg($config['weburl']."/login.php?forward=".urlencode("$config[weburl]/?m=product&s=shop_order"));
else
{
	if($_POST['act'] != 'order'){

		include_once("$config[webroot]/module/member/includes/plugin_orderadder_class.php");
		include_once("$config[webroot]/module/logistics/includes/logistics_class.php");
		include_once("$config[webroot]/module/member/includes/plugin_member_class.php");
		$orderadder=new orderadder();$logistics = new logistics(); $member=new member();
		$product_id = $_SESSION['product_id'];
		$ticket_info = unserialize($_SESSION['ticket_info']);
		$sql = "select * from ".SETMEAL." where id = '$product_id' ";
		$db->query($sql);
		$product_info = $db->fetchRow();
		$product_info['num'] = count($ticket_info['body']['ticket']);
		$total = number_format($product_info['price'] * $product_info['num'],2);
		$tpl->assign('total_price',$total); //总价格
		//积分
		$points=$member->get_points();
		$tpl->assign("points",round($points/100,2));

		//支付方式
		$sql = "select payment_id,payment_name,payment_type,payment_desc from ".PAYMENT." where payment_type!='cards' and active=1 order by payment_id desc";
		$db->query($sql);
		$pay = $db->getRows();
		$tpl->assign("pay",$pay);
		$tpl->assign("consignee",$orderadder->get_consignee());//收货地址

		$sql = "select id,type,title,`desc` from ".LGSTEMP." where status=1"; //配送方式
		$db->query($sql);
		$ship = $db->getRows();
		foreach($ship as $key=>$val)
		{
			$ship[$key]['price']=$logistics->count_freight($val['id'],$city,$sumprice,$weight);
		}
		$tpl->assign("ship",$ship);

		//区域
		$sql = "select * from ".DISTRICT." where pid = 0 ";
		$db->query($sql);
		$prov = $db->getRows();
		$tpl->assign("prov",$prov);

		$tpl->assign("product_info",$product_info); //票品信息
		$tpl->assign("ticket_info",$ticket_info);

	} else {

		$ticket_info = unserialize($_SESSION['ticket_info']);
		foreach($_POST as $key => $val){

			if(!is_array($val)){
				$param[$key] = htmlspecialchars(stripslashes($val));
			} else {
				$param[$key] = $val;
			}

		}
		if($_SESSION['product_id'] != $param['product_id']){
			echo "<script type='text/javascript'> alert('产品的id异常');window.history.back();</script>";
			return false;
		}


		if(empty($param['ship_name'])||empty($param['provinceid']) || empty($param['cityid']) || empty($param['areaid']) ||empty($param['ship_mobile']) ||empty($param['ship_addr'])){
			echo "<script type='text/javascript'> alert('请填写地址');window.history.back();</script>";
			return false;
		}
		if(empty($param['delivery_way'])){
			echo "<script type='text/javascript'> alert('请选择配送方式');window.history.back();</script>";
			return false;
		}
		if(empty($param['pay_type'])){
			echo "<script type='text/javascript'> alert('请选择支付方式');window.history.back();</script>";
			return false;
		}
		if(empty($param['product_id']) || empty($param['num'])){
			echo "<script type='text/javascript'> alert('请选择购买的票品');window.location.href='".$config['weburl']."';</script>";
			return false;
		}

		$db->query("select * from ".SETMEAL." where id = '{$param['product_id']}' ");
		$product_info = $db->fetchRow();
		$num = count($ticket_info['body']['ticket']) > 0 ? count($ticket_info['body']['ticket']) : 1;
		$total = number_format($product_info['price'] * $num,2);

		$db->query("select * from ".MEMBERADDR." where name='{$param['ship_name']}' and provinceid='{$param['provinceid']}' and cityid='{$param['cityid']}' and areaid='{$param['areaid']}' and address='{$param['ship_addr']}' and mobile='{$param['ship_mobile']}' ");
		$is_address_exits = $db->fetchRow();
		if(empty($is_address_exits)){
			//新增地址
			$address_sql = "insert into ".MEMBERADDR." (`userid`,`name`,`provinceid`,`cityid`,`areaid`,`address`,`mobile`) VALUES
 				('$buid','{$param['ship_name']}','{$param['provinceid']}','{$param['cityid']}','{$param['areaid']}','{$param['ship_addr']}','{$param['ship_mobile']}')";
			$db->query($address_sql);
		}
		//选择配送方式
		$shipping = [];
		if($param['delivery_way'] == 'express'){
			$ship_sql = "select l.*,c.default_price from ".LGSTEMP." l left join ".LGSTEMPCON." c on l.id = c.temp_id where l.type=0";
			$db->query($ship_sql);
			$shipping = $db->fetchRow();
			$freight = $shipping['default_price'];
		} else {
			$freight = 0;
		}

		$cost = $total;

		if($cost <=0){
			echo "<script type='text/javascript'> alert('支付金额异常');window.history.back();</script>";
			return false;
		}

		//支付方式
		$sql = "select payment_id,payment_name from ".PAYMENT." where payment_type='{$param['pay_type']}' ";
		$db->query($sql);
		$pay = $db->fetchRow();
		//创建订单
		$order_id=date("Ymdhis").rand(0,9);//订单号
		$pname=!empty($products['pname']) ? $products['pname'] : $config['company'];//此次购物的产品名总称
		$pay_price = ($cost - $param['cost_point']) > 0 ? $cost - $param['cost_point'] : 0;
		/***生成订单****/
		$sql = "INSERT INTO ".ORDER."(member_id,order_id,create_time,payment_id,payment_name,ship_name,ship_addr,ship_mobile,cost,freight,provinceid,cityid,areaid,invoice_type,invoice_company,shipping_id,shipping_name,point,id_card,student_card,cost_point,ticket_info) VALUES
				($buid,'$order_id','".time()."','{$pay['payment_id']}','{$pay['payment_name']}','{$param['ship_name']}','{$param['ship_addr']}','{$param['ship_mobile']}','$pay_price','$freight','{$param['provinceid']}','{$param['cityid']}',
				'{$param['areaid']}','{$param['invoice_type']}','{$param['invoice_company']}','{$shipping['id']}','{$shipping['title']}','{$products['point']}','{$param['id_card']}','{$param['student_card']}','{$param['cost_point']}','{$_SESSION['ticket_info']}')";
		$flag=$db->query($sql);
		$ticket_seat = serialize($ticket_info['body']['ticket']);
		//--产品信息
		$sql = "INSERT INTO ".ORPRO." (`order_id`,`buyer_id`,`pid`,`pcatid`,`name`,`pic`,`price`,`num`,`time`,`product_id`,`per_date`,`ticket_seat`,`spot_id`) VALUES
			($order_id,$buid,$product_info[pid],'$product_info[catid]','$product_info[pname]','".$product_info['pic']."','".$product_info['price']."','".$num."','".time()."','{$product_info['id']}','{$product_info['performance_start_time']}','$ticket_seat','{$product_info['spot']}')";
		$db->query($sql);
		$pname=$pname.'-'.$product_info['pname'];

		include_once("$config[webroot]/module/product/includes/plugin_order_class.php");
		include_once("$config[webroot]/module/member/includes/plugin_member_class.php");
		$order=new order();
		$member = new member();
		$order->order_log($order_id,'订单创建','创建');
		$order->add_order_delivery($order_id,$ship,'');
		$order->add_order_payment($order_id,($cost+$freight),$pay);

		$member->add_points(($param['cost_point']*100) * -1, '4', $order_id, $buid);
		include_once("$config[webroot]/module/payment/lang/$config[language].php");
		$post['type']=1;//直接到账
		$post['action']='add';//
		$post['buyer_email']=$buid;
		$post['seller_email']='admin@systerm.com';
		$post['order_id']=$order_id;//外部订单号
		$post['price']=$pay_price + $freight;//订单总价，单价元
		$post['return_url']='main.php?m=product&s=admin_orderdetail&id='.$order_id.'&type=buy';//返回地址
		$post['notify_url']='main.php?m=product&s=admin_orderdetail&id='.$order_id.'&type=buy';//异步返回地址。
		$post['note']=$pname;
		pay_get_url($post);//跳转至订单生成页面
		if($re<0)
		{
			if($re==-2)
				msg('main.php?m=payment&s=admin_info','您的支付账户还没有开通');
			if($re==-1)
				msg("$config[weburl]/?m=product&s=cart",'卖家没有开通支付功能，暂不能购买');
		}

	}


}
//=================================================
$tpl->assign("config",$config);
$tpl->assign("current","product");
include_once("footer.php");

$out=tplfetch("shop_order_seat.htm",$flag,true);

?>